PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH"

Transcription

1 PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH FOC2015 Vienna /

2 Challenges for Future ICT Systems Cloud computing will be at the heart of future ICT systems The cloud will pervade all aspects of our life New information security and privacy risks arise The cloud service provider necessarily needs to be trusted Cloud computing builds on a problematic trust model This inhibits many companies to make use of the cloud State of the art cryptography does not provide the agility to protect data in the cloud No end-to-end encryption/security available for cloud usage 2

3 End-to-End Security 3

4 End-to-End Security (cont.) 4

5 End-to-End Security (cont.) 5

6 Cloud Computing 6

7 Current Situation in the Cloud 7

8 Trustworthy Cloud Computing 8

9 Cloud Security 2.0 9

10 What about Privacy? Cloud computing is also an outsourcing model Centralized data collection and aggregation can lead to privacy issues If personal data is stored and processed data privacy regulations have to be fulfilled Safe Harbor before the EU Court of Justice (CJEU) Big Data wants as much data as possible contradicts privacy requirements EU data protection rules are currently tightened ENISA recommends privacy and data protection by design 10

11 Project Metadata Call: H2020-ICT Acronym: PRISMACLOUD Type of Action: RIA Number: Partners: 16 Duration: 42 months Start Date: Estimated Project Cost: approx. 8.5M Euro Requested EU Contribution: approx. 8M Euro Coordinator: Austrian Institute of Technology GmbH 11

12 Project Objectives Development of cryptographic tools to protect the security of data during its lifecycle in the cloud. Development of cryptographic primitives, protocols and schemes for application in cloud environments. Development of cryptographic tools and methods to protect privacy of users. Development of cryptographic mechanisms to preserve privacy of user interacting with cloud services to only reveal necessary information. Creation of enabling technologies for cloud infrastructures. Provision of software and hardware implementations of relevant cryptographic mechanisms and techniques to certify the structure of cloud topologies. Development of a methodology for secure service composition. Development of a holistic security model methods for secure service composition. Examination of usability aspects as well as novel business models for secure services. Experimental evaluation and validation of project results. Evaluation and validation of project results in different domains dealing with sensitive data. Provisioning of baselines and best practices for tool usage. 12

13 Innovations Verifiability of data and infrastructure use protect the results of computation (maintain authenticity, enable verifiability), enable methods for infrastructure attestation User privacy enhancing technologies data minimization technologies, data anonymization Securing data at rest secure distributed information sharing, long-term security, security for structured data Secure and efficient implementations high-quality software and hardware implementations of primitives with prototyping, security testing of developed components Methodology, tools and guidelines for fast adoption holistic security models and tools for secure service composition, business models and standardization 13

14 Technology Readiness Level The main idea and ambition of PRISMACLOUD is to enable end-to-end security for cloud users and provide tools to protect their privacy with the best technical means possible - by cryptography. Verifiability of data and infrastructure use User privacy and anonymization Securing data at rest Secure and efficient implementations Methodology, tools and guidelines for fast adoption 14

15 Demonstration Smart City Pilot: ICT implementation of the European Disable Badge ( Surveillance CCTV cameras for law enforcement units ( E-Government Pilot: Advance electronic identity system Digital archiving Security for open data E-Health Pilot: Enable shift of parts of existing healthcare IT systems to the cloud (Healthcare TPaaS, ) 15

16 PRISMACLOUD Partners

17 Contact Website: Coordinator Contact: Thomas Loruenser PRISMACLOUD is also on: LinkedIn: Twitter: 17

Secure Cloud Identity Wallet

Secure Cloud Identity Wallet 1 CREDENTIAL Secure Cloud Identity Wallet DS-02-2014 Dr. Arne Tauber u 2 CREDENTIAL Research Project Call: H2020-DS-2014-1 Acronym: CREDENTIAL Type of Action: IA Number: 653454 Partners: 12 Duration: 36

More information

Privacy and security in the cloud

Privacy and security in the cloud Privacy and security in the cloud Challenges and solutions for our future information society Panel Building trust the technical challenges World Summit on the Information Society Forum 25-29 May 2015

More information

ICT SECURITY SECURE ICT SYSTEMS OF THE FUTURE

ICT SECURITY SECURE ICT SYSTEMS OF THE FUTURE OVERVIEW Critial infrastructures are increasingly dependent on information and communication technology. ICT-systems are getting more and more complex, and to enable the implementation of secure applications

More information

Towards Trustworthy Clouds

Towards Trustworthy Clouds IBM Research Zurich Christian Cachin 12 September 2013 Towards Trustworthy Clouds 2009 IBM Corporation Cloud computing? 2 Cloud services are convenient No investment cost Pay only for consumption Scalable

More information

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST

More information

Research and Innovation Challenges in Data Protection, Security and Privacy in the Cloud: Map of synergies of the clustered projects Version 2.

Research and Innovation Challenges in Data Protection, Security and Privacy in the Cloud: Map of synergies of the clustered projects Version 2. Research and Innovation Challenges in Data Protection, Security and Privacy in the Cloud: Map of synergies of the clustered projects Version 2.0 Authors: Beatriz Gallego-Nicasio Crespo, ATOS Spain S.A.,

More information

EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015

EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015 EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015 Aristotelis Tzafalias Trust and Security Unit H.4 DG Connect European Commission Trust and Security: One Mission

More information

The impact of adherence on costs and effectiveness of telemedical patient management in heart failure: A systematic review

The impact of adherence on costs and effectiveness of telemedical patient management in heart failure: A systematic review The impact of adherence on costs and effectiveness of telemedical patient management in heart failure: A systematic review A. S. Hameed 1,3, S. Sauermann 2, G. Schreier 3 1 Faculty of Business and Economics,

More information

Assessing Risks in the Cloud

Assessing Risks in the Cloud Assessing Risks in the Cloud Jim Reavis Executive Director Cloud Security Alliance Agenda Definitions of Cloud & Cloud Usage Key Cloud Risks About CSA CSA Guidance approach to Addressing Risks Research

More information

Reality Check: Practical Limitations of Technical Privacy Protection

Reality Check: Practical Limitations of Technical Privacy Protection Munich IT Security Research Group Reality Check: Practical Limitations of Technical Privacy Protection Hans-Joachim Hof MuSe - Munich IT Security Research Group Munich University of Applied Sciences hof@hm.edu

More information

The Case for a Reference Framework for Trusted Multi-Tenant Infrastructure

The Case for a Reference Framework for Trusted Multi-Tenant Infrastructure The Case for a Reference Framework for Trusted Multi-Tenant Infrastructure Michael Donovan Chief Technologist HP Enterprise Services Erik Visnyak IA Engineer BAE Systems 09/21/2011 Abstract Learn about

More information

Europol Public Information VACANCY NOTICE. Senior Specialist ICT Solutions Architect (AD7), within the ICT Business Area

Europol Public Information VACANCY NOTICE. Senior Specialist ICT Solutions Architect (AD7), within the ICT Business Area The Hague, 08 September 2015 Reg. nº: Europol/2015/TA/AD7/219 VACANCY NOTICE Name of the Post: Senior Specialist ICT Solutions Architect (AD7), within the ICT Business Area Reporting to: Senior Specialist

More information

USABILITY EVALUATION OF ELECTRONIC SIGNATURE BASED E-GOVERNMENT SOLUTIONS

USABILITY EVALUATION OF ELECTRONIC SIGNATURE BASED E-GOVERNMENT SOLUTIONS USABILITY EVALUATION OF ELECTRONIC SIGNATURE BASED E-GOVERNMENT SOLUTIONS Thomas Zefferer Innovation Center (EGIZ) Inffeldgasse 16a, 8010 Graz, Austria Vesna Krnjic Innovation Center (EGIZ) Inffeldgasse

More information

ETSI SECURITY WEEK EIDAS Overview CEN/ETSI esignature Standardization including standards for TSP Compliance. ETSI 2015. All rights reserved

ETSI SECURITY WEEK EIDAS Overview CEN/ETSI esignature Standardization including standards for TSP Compliance. ETSI 2015. All rights reserved ETSI SECURITY WEEK EIDAS Overview CEN/ETSI esignature Standardization including standards for TSP Compliance esignature Standards Framework Certificate Authority Time-stamping Signing Servers Validation

More information

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.

preliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design. Privacy-Preserving Public Auditing For Secure Cloud Storage ABSTRACT: Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared

More information

Rules for the Public Administration

Rules for the Public Administration Cloud Computing & Healthcare Rules for the Public Administration Daniele Tatti tatti@digitpa.gov.it @DanieleTatti In the next 12 minutes What is DigitPA European scenario Cloud related activities ehealth

More information

Integrity measurements for stronger cloud-based authentication

Integrity measurements for stronger cloud-based authentication Integrity measurements for stronger cloud-based authentication John Žic1 Thomas Hardjono 2 1 CSIRO Computational Informatics 2 MIT Kerberos and Internet of Trust Trust in the Digital World: Enabling the

More information

TRUSTED CLOUD. Our commitment to provide a cloud you can trust. Fernando Machado Píriz September 2014

TRUSTED CLOUD. Our commitment to provide a cloud you can trust. Fernando Machado Píriz September 2014 TRUSTED CLOUD Our commitment to provide a cloud you can trust Fernando Machado Píriz September 2014 Technology Trends Driving cloud adoption 71% of strategic buyers cite scalability, cost and business

More information

Work programme 2016 2018

Work programme 2016 2018 ARTICLE 29 Data Protection Working Party 417/16/EN WP235 Work programme 2016 2018 Adopted on 2 February 2016 This Working Party was set up under Article 29 of Directive 95/46/EC. It is an independent European

More information

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1 The Big Data Working Group (BDWG) will be identifying scalable techniques for data-centric security and privacy problems. BDWG s investigation

More information

Brainloop Cloud Security

Brainloop Cloud Security Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating

More information

Privacy Management Standards: What They Are and Why They Are Needed Now

Privacy Management Standards: What They Are and Why They Are Needed Now ITU-T Q10/17 Identity Summit Geneva December 10, 2010 Privacy Management Standards: What They Are and Why They Are Needed Now John Sabo Director Global Government Relations Chair, OASIS IDtrust Member

More information

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America 1 Top Ten Security and Privacy Challenges for Big Data and Smartgrids Arnab Roy Fujitsu Laboratories of America 2 User Roles and Security Concerns [SKCP11] Users and Security Concerns [SKCP10] Utilities:

More information

De-Mail. A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information: www.de-mail.de

De-Mail. A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information: www.de-mail.de De-Mail A reliable and secure online communication platform Armin Wappenschmidt (secunet) More information: www.de-mail.de 1 Agenda Overview of De-Mail Implementation aspects Current status and outlook

More information

Kimmo Rossi. European Commission DG CONNECT

Kimmo Rossi. European Commission DG CONNECT Kimmo Rossi European Commission DG CONNECT Unit G.3 -Data Value Chain NCP training day, Brussels 18/9/2014 What we do Unit CNECT.G3 Data Value Chain FP7/CIP/H2020 project portfolio: Big Data, analytics,

More information

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE

PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE PRIVACY-PRESERVING PUBLIC AUDITING FOR SECURE CLOUD STORAGE Abstract: Using Cloud Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared

More information

Unifying framework for Identity management

Unifying framework for Identity management Unifying framework for Identity management Breakfast seminar Security-Assessment.com Stephan Overbeek 2006-03-28 Disclaimer + This is a slide pack that supports a narrative and needs to be accompanied

More information

Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud

Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud Providing Access Permissions to Legitimate Users by Using Attribute Based Encryption Techniques In Cloud R.Udhayakumar 1, M. Jawahar 2, I.Ramasamy 3 PG Student, Dept. Of CSE,KSR Institute For Engineering

More information

IoT-03-2017 R&I on IoT integration and platforms INTERNET OF THINGS FOCUS AREA

IoT-03-2017 R&I on IoT integration and platforms INTERNET OF THINGS FOCUS AREA HORIZON 2020 WP 2016-17 IoT-03-2017 R&I on IoT integration and platforms INTERNET OF THINGS DG CONNECT European Commission Internet of Things As enabler of a future hyper-connected society, the Internet

More information

Service Oriented Networks Security. David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008

Service Oriented Networks Security. David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008 Service Oriented Networks Security David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008 While empowering new business models, SON leads to a proliferation of application networks

More information

WORK PROGRAMME 2014 2015 Topic ICT 9: Tools and Methods for Software Development

WORK PROGRAMME 2014 2015 Topic ICT 9: Tools and Methods for Software Development WORK PROGRAMME 2014 2015 Topic ICT 9: Tools and Methods for Software Development Dr. Odysseas I. PYROVOLAKIS European Commission DG CONNECT Software & Services, Cloud odysseas.pyrovolakis@ec.europa.eu

More information

Translation Service Provider according to ISO 17100

Translation Service Provider according to ISO 17100 www.lics-certification.org Certification Scheme S06 Translation Service Provider according to ISO 17100 Date of issue: V2.0, 2015-11-15 Austrian Standards plus GmbH Dr. Peter Jonas Heinestraße 38 1020

More information

ERC Synergy Grant White Paper. impact Privacy, Accountability, Compliance, and Trust in Tomorrow s Internet

ERC Synergy Grant White Paper. impact Privacy, Accountability, Compliance, and Trust in Tomorrow s Internet ERC Synergy Grant White Paper impact Privacy, Accountability, Compliance, and Trust in Tomorrow s Internet Principal Investigators (PIs) : Michael Backes, Saarland University : Peter Druschel, Max Planck

More information

Privacy and Identity Management for Europe

Privacy and Identity Management for Europe Privacy and Identity Management for Europe Pierangela Samarati Università degli Studi di Milano Milan, Italy samarati@dti.unimi.it Page 1 Vision and Objectives Users disclose vast amounts of personal information

More information

Europol Public Information VACANCY NOTICE

Europol Public Information VACANCY NOTICE The Hague, 21 April 2015 Reg. nº: Europol/2015/TA/AD8/193 VACANCY NOTICE Name of the Post: Senior Specialist Enterprise Infrastructure Architect (AD8), within the ICT Business Area, Architecture Team of

More information

Securing the E-Health Cloud

Securing the E-Health Cloud Securing the E-Health Cloud Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy 1st ACM International Health Informatics Symposium (IHI 2010) Arlington, Virginia, USA, 11-12 November 2010 Introduction Buzzwords

More information

Associate Prof. Dr. Victor Onomza Waziri

Associate Prof. Dr. Victor Onomza Waziri BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,

More information

GUESTBOOK REWARDS, INC. Privacy Policy

GUESTBOOK REWARDS, INC. Privacy Policy GUESTBOOK REWARDS, INC. Privacy Policy Welcome to Guestbook Rewards, Inc. the online and mobile service of Guestbook Rewards, Inc. ( The Guestbook, we, or us ). Our Privacy Policy explains how we collect,

More information

Feliciano Intini Responsabile dei programmi di Sicurezza e Privacy Microsoft Italia

Feliciano Intini Responsabile dei programmi di Sicurezza e Privacy Microsoft Italia Feliciano Intini Responsabile dei programmi di Sicurezza e Privacy Microsoft Italia NonSoloSecurity Blog: http://blogs.technet.com/feliciano_intini Twitter: @felicianointini Trustworthy Computing Cloud:

More information

Kimmo Rossi. European Commission DG CONNECT

Kimmo Rossi. European Commission DG CONNECT Kimmo Rossi European Commission DG CONNECT Unit G.3 - Data Value Chain SC1 info day, Brussels 5/12/2014 1 What we do Unit CNECT.G3 Data Value Chain FP7/CIP/H2020 project portfolio: Big Data, analytics,

More information

RECOMMENDATIONS for the PROCESSING of EXTENDED VALIDATION SSL CERTIFICATES January 2, 2014 Version 2.0

RECOMMENDATIONS for the PROCESSING of EXTENDED VALIDATION SSL CERTIFICATES January 2, 2014 Version 2.0 Forum RECOMMENDATIONS for the PROCESSING of EXTENDED VALIDATION SSL CERTIFICATES January 2, 2014 Version 2.0 Copyright 2007-2014, The CA / Browser Forum, all rights reserved. Verbatim copying and distribution

More information

Action full title: Universal, mobile-centric and opportunistic communications architecture. Action acronym: UMOBILE

Action full title: Universal, mobile-centric and opportunistic communications architecture. Action acronym: UMOBILE Action full title: Universal, mobile-centric and opportunistic communications architecture Action acronym: UMOBILE Deliverable: D.6.10 - Data Management Plan Project Information: Project Full Title Project

More information

E-Democracy and e-voting

E-Democracy and e-voting E-Democracy and e-voting How to make them secure and transparent August 2013 Jordi Puiggali CSO and SVP R&D Jordi.puiggali@scytl.com Index Introduction e-democracy Security and Transparency in e-voting

More information

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED. 25-27 March 2015

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED. 25-27 March 2015 Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED 25-27 March 2015 Cybersecurity and Data Protection - First Principles By Chris Connolly

More information

Submitted to the EC on 03/06/2012. COMPETITIVENESS AND INNOVATION FRAMEWORK PROGRAMME ICT Policy Support Programme (ICT PSP) e-codex

Submitted to the EC on 03/06/2012. COMPETITIVENESS AND INNOVATION FRAMEWORK PROGRAMME ICT Policy Support Programme (ICT PSP) e-codex Submitted to the EC on 03/06/2012 COMPETITIVENESS AND INNOVATION FRAMEWORK PROGRAMME ICT Policy Support Programme (ICT PSP) e-codex e-justice Communication via Online Data Exchange ICT PSP call identifier:

More information

Project Initiation Document. Pilot name: Process flow software Mavim Municipality: City of Kortrijk Work-package: WP3 Date: July 2010 (v2)

Project Initiation Document. Pilot name: Process flow software Mavim Municipality: City of Kortrijk Work-package: WP3 Date: July 2010 (v2) Project Initiation Document Pilot name: Process flow software Mavim Municipality: City of Kortrijk Work-package: WP3 Date: July 2010 (v2) Contents 1. Introduction... 3 2. Pilot information... 3 2.1. Pilot

More information

Lessons from the field: Implementing Information Governance and Records Management with Microsoft SharePoint

Lessons from the field: Implementing Information Governance and Records Management with Microsoft SharePoint Lessons from the field: Implementing Information Governance and Records Management with Microsoft SharePoint Veli-Matti Vanamo - Principal Consultant at Ignia - 12 Year SharePoint Veteran (there should

More information

Horizon 2020 - ICT Call 2016 Topic Preview 5 th May 2015

Horizon 2020 - ICT Call 2016 Topic Preview 5 th May 2015 Horizon 2020 - ICT Call 206 Topic Preview 5 th May 205 Call Identifier: H2020-ICT-206 Call Publication: late Q3 205 Call Deadline: Q-2 206 (except for the instrument) Estimated budget for this call: 970

More information

Trusted Multi-Tenant Infrastructure

Trusted Multi-Tenant Infrastructure Trusted Multi-Tenant Infrastructure February 14 th 2011 Copyright 2011 - Trusted Computing Group Trusted Multi-Tenant Infrastructure Workgroup Market Observations: Multi-Tenant security is an end-to-end

More information

Sofware Engineering, Services and Cloud Computing

Sofware Engineering, Services and Cloud Computing Work Programme 2013 Objective ICT-2013.1.2: Sofware Engineering, Services and Cloud Computing DG CONNECT Unit E2: Software and Service, Cloud Target Outcomes Delivering services in an effective, efficient

More information

Security of smart grid communication protocols

Security of smart grid communication protocols Security of smart grid communication protocols C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n 318708 Erik Poll Radboud University Nijmegen

More information

CHAPTER 1 INTRODUCTION

CHAPTER 1 INTRODUCTION 1 CHAPTER 1 INTRODUCTION 1.1 Overview Cloud computing has emerged as a business IT solution that provides a new way to manage and deliver automated computing services to consumers via the Internet (Shawish

More information

Delivery date: 18 October 2014

Delivery date: 18 October 2014 Genomic and Clinical Data Sharing Policy Questions with Technology and Security Implications: Consensus s from the Data Safe Havens Task Team Delivery date: 18 October 2014 When the Security Working Group

More information

Transparency. Privacy. Compliance. Security. What does privacy at Microsoft mean? Are you using my data to build advertising products?

Transparency. Privacy. Compliance. Security. What does privacy at Microsoft mean? Are you using my data to build advertising products? Privacy Transparency What does privacy at Microsoft mean? Are you using my data to build advertising products? Where is my data? Who has access to my data? Compliance What certifications and capabilities

More information

BUDGET. Themes and objectives Funding instrument Indicative Budget. Smart, sustainable mobility Pilot B TN 13.5 M

BUDGET. Themes and objectives Funding instrument Indicative Budget. Smart, sustainable mobility Pilot B TN 13.5 M BUDGET Themes and objectives Funding instrument Indicative Budget Theme 1: Cloud of public services and smart cities 32.5 M Cloud of public services Pilot B 18 M Smart, sustainable mobility Pilot B TN

More information

Global Efforts to Secure Cloud Computing

Global Efforts to Secure Cloud Computing April 2012 Global Efforts to Secure Cloud Computing Jim Reavis Executive Director Cloud: ushering in IT Spring Technology consumerization and its offspring Cloud: Compute as a utility Smart Mobility: Compute

More information

Secure cloud access system using JAR ABSTRACT:

Secure cloud access system using JAR ABSTRACT: Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that

More information

WWRF Cloud Implications to Security, Privacy, and Trust

WWRF Cloud Implications to Security, Privacy, and Trust ITU-T Workshop on Addressing security challenges on a global scale 06.+07.12.2010, Geneva WWRF Cloud Implications to Security, Privacy, and Trust Mario Hoffmann Chair WWRF Working Group 7 Security & Trust

More information

SP 800-130 A Framework for Designing Cryptographic Key Management Systems. 5/25/2012 Lunch and Learn Scott Shorter

SP 800-130 A Framework for Designing Cryptographic Key Management Systems. 5/25/2012 Lunch and Learn Scott Shorter SP 800-130 A Framework for Designing Cryptographic Key Management Systems 5/25/2012 Lunch and Learn Scott Shorter Topics Follows the Sections of SP 800-130 draft 2: Introduction Framework Basics Goals

More information

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE MACHINE-TO-MACHINE ENABLE AND SECURE A CONNECTED LIFE DRIVEN BY GOVERNMENT REGULATIONS, COMPANY AND CONSUMER NEEDS, PRODUCTS ARE TRANSFORMED INTO INTELLIGENT,

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

Cyber Security and Privacy

Cyber Security and Privacy Cyber Security and Privacy Jovan Golić CySeP Winter School, Stockholm, 2014 EIT ICT Labs EIT ICT Labs is one of the first Knowledge and Innovation Communities set up in 2010 by the European Institute of

More information

Assumption Busters Workshop - Cloud Computing

Assumption Busters Workshop - Cloud Computing Assumption Busters Workshop - Cloud Computing Background: In 2011, the U.S. Federal Cyber Research Community conducted a series of four workshops designed to examine key assumptions that underlie current

More information

ERA System Development Statement of Objectives

ERA System Development Statement of Objectives ATTACHMENT 1 STATEMENT OF OBJECTIVES NARA Electronic Records Archives (ERA) ERA System Development Statement of Objectives 1.0 Purpose of the Statement of Objectives (SOO) This Statement of Objectives

More information

Prof. Udo Helmbrecht

Prof. Udo Helmbrecht Prof. Udo Helmbrecht Guiding EU Cybersecurity from Policy to Implementation Udo Helmbrecht Executive Director Information Security for the Public Sector 2015 Stockholm 02/09/15 European Union Agency for

More information

Privacy Statement, Effective as of May 4, 2014

Privacy Statement, Effective as of May 4, 2014 Ulfberht Software Systems, LLC ( Ulfberht or the Company ) is committed to protecting the privacy of individuals who visit the Company s Web sites ( Visitors ) and individuals who register to use the Services

More information

1 st Symposium on Colossal Data and Networking (CDAN-2016) March 18-19, 2016 Medicaps Group of Institutions, Indore, India

1 st Symposium on Colossal Data and Networking (CDAN-2016) March 18-19, 2016 Medicaps Group of Institutions, Indore, India 1 st Symposium on Colossal Data and Networking (CDAN-2016) March 18-19, 2016 Medicaps Group of Institutions, Indore, India Call for Papers Colossal Data Analysis and Networking has emerged as a de facto

More information

24 Highbury Crescent London N5 1RX UK Tel: + 44 (0) 207 563 9170 Fax: +44 (0) 207 563 9171

24 Highbury Crescent London N5 1RX UK Tel: + 44 (0) 207 563 9170 Fax: +44 (0) 207 563 9171 September 10, 2015 ICRT International Consumer Research & Testing 24 Highbury Crescent London N5 1RX UK Tel: + 44 (0) 207 563 9170 Fax: +44 (0) 207 563 9171 Dear Mr. Spiezle. As comments are invited before

More information

Data safety at UXprobe. White Paper Copyright 2015 UXprobe bvba

Data safety at UXprobe. White Paper Copyright 2015 UXprobe bvba Data safety at UXprobe White Paper Copyright 2015 UXprobe bvba Table of contents Executive summary.... 3 1. Google App Engine... 4 2. Security at Google... 4 2.1. Data Access and identity... 4 2.2. Storage...

More information

Models for Action: Practical Approaches to Electronic Records Management & Preservation. Project Report 98-1

Models for Action: Practical Approaches to Electronic Records Management & Preservation. Project Report 98-1 Models for Action: Practical Approaches to Electronic Records Management & Preservation Project Report 98-1 Models for Action Project: Developing Practical Approaches to Electronic Records Management and

More information

NIST Big Data Public Working Group

NIST Big Data Public Working Group NIST Big Data Public Working Group Requirements May 13, 2014 Arnab Roy, Fujitsu On behalf of the NIST BDWG S&P Subgroup S&P Requirements Emerging due to Big Data Characteristics Variety: Traditional encryption

More information

Longmai Mobile PKI Solution

Longmai Mobile PKI Solution Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2

More information

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1 Security Analytics Crypto and Privacy Technologies Infrastructure Security 60+ members Framework and Taxonomy Chair - Sree Rajan, Fujitsu

More information

C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids C-DAX Consortium

C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids C-DAX Consortium C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids C-DAX Consortium C- DAX is funded by the European Union's Seventh Framework Programme (FP7- ICT- 2011-8) under grant agreement n 318708 C-DAX

More information

Digital Identity Management

Digital Identity Management Digital Identity Management Techniques and Policies E. Bertino CS Department and ECE School CERIAS Purdue University bertino@cs.purdue.edu Digital Identity Management What is DI? Digital identity (DI)

More information

TECHNICAL SPECIFICATION: SECURE LEGISLATION-AWARE STORAGE SOLUTION

TECHNICAL SPECIFICATION: SECURE LEGISLATION-AWARE STORAGE SOLUTION REALIZATION OF A RESEARCH AND DEVELOPMENT PROJECT (PRE-COMMERCIAL PROCUREMENT) ON CLOUD FOR EUROPE TECHNICAL SPECIFICATION: SECURE LEGISLATION-AWARE STORAGE SOLUTION ANNEX IV (C) TO THE CONTRACT NOTICE

More information

Device-Centric Authentication and WebCrypto

Device-Centric Authentication and WebCrypto Device-Centric Authentication and WebCrypto Dirk Balfanz, Google, balfanz@google.com A Position Paper for the W3C Workshop on Web Cryptography Next Steps Device-Centric Authentication We believe that the

More information

Security and Privacy in IoT Challenges to be won

Security and Privacy in IoT Challenges to be won Security and Privacy in IoT Challenges to be won Enrico Del Re University of Florence and CNIT Italy June 16-18, 2015 CHIST-ERA Conference 2015 1 FROM WHERE WE START.. June 16-18, 2015 CHIST-ERA Conference

More information

K-Series Guide: Guide to digitising your document and business processing. February 2014 LATEST EDITION

K-Series Guide: Guide to digitising your document and business processing. February 2014 LATEST EDITION K-Series Guide: Guide to digitising your document and business processing February 2014 LATEST EDITION Kefron are the Document Kefron & simplifies the document and Information information management world

More information

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012 ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe CENTR General Assembly, Brussels October 4, 2012 christoffer.karsberg@enisa.europa.eu 1 Who we are ENISA was

More information

Trentino e-government System

Trentino e-government System Trentino e-government System Sergio Bettotti, Director, Department for ICT & Innovation Roberto Pizzicannella, I-Gov Unit, Department for ICT & Innovation meeting with the Palestinian Authority Outline

More information

Cybersecurity Risk Assessment in Smart Grids

Cybersecurity Risk Assessment in Smart Grids Cybersecurity Risk Assessment in Smart Grids Lucie Langer, Paul Smith, Thomas Hecht firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Symposium 2014 Sept 30, 2014 1 Risk Assessment:

More information

The Internet of Things: 4 security dimensions of smart devices

The Internet of Things: 4 security dimensions of smart devices The Internet of Things: 4 security dimensions of smart devices Like all major technological revolutions, digital transformation is spreading over many areas: home automation, physical security, mobility,

More information

ENISA and Cloud Security

ENISA and Cloud Security ENISA and Cloud Security Rossen Naydenov Network Information Security Officer Critical Information Infrastructure Protection Department - ENISA European Union Agency for Network and Information Security

More information

Green Software Services From requirements to Business Models

Green Software Services From requirements to Business Models Green Software Services From requirements to Business Models Schahram Dustdar TU Wien Austria Distributed Systems Group dsg.tuwien.ac.at Smart Evolution People, Services,Things Smart Buildings and Energy

More information

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation) It is a well-known fact in computer security that security problems are very often a direct result of software bugs. That leads security researches to pay lots of attention to software engineering. The

More information

Future Internet Service- Based Architecture According to FI-WARE

Future Internet Service- Based Architecture According to FI-WARE pt Future Internet Service- Based Architecture According to FI-WARE Smart AgriMatics Conference 13 14 June 2012, Paris, France www.huawei.com Dr.-Ing. Egon Schulz European Research Centre Munich Huawei

More information

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 141 PURPOSE (CT-IM-112; 07-30-2010) (Office of Origin: IRM/OPS/ITI/SI/IIB) The purpose of this FAM chapter is to enable the Department to

More information

FIDO Trust Requirements

FIDO Trust Requirements FIDO Trust Requirements Ijlal Loutfi, Audun Jøsang University of Oslo Mathematics and Natural Sciences Faculty NordSec 2015,Stockholm, Sweden October, 20 th 2015 Working assumption: End Users Platforms

More information

Information Management Advice 39 Developing an Information Asset Register

Information Management Advice 39 Developing an Information Asset Register Information Management Advice 39 Developing an Information Asset Register Introduction The amount of information agencies create is continually increasing, and whether your agency is large or small, if

More information

Response of the German Medical Association

Response of the German Medical Association Response of the German Medical Association To the Green Paper on mobile Health ( mhealth ) of the European Commission Berlin, 3 July 2014 Bundesärztekammer Herbert-Lewin-Platz 1 10623 Berlin We are grateful

More information

Chicagoland Burger Build Off Privacy Policy

Chicagoland Burger Build Off Privacy Policy Chicagoland Burger Build Off Privacy Policy Purpose of Privacy Policy McDonald s Owners of Chicagoland and Northwest Indiana [MOCNI] ( Company, we or us ) is a franchisee Co-Op of McDonald s Corporation.

More information

Public Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13)

Public Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) Public Key Cryptography in Practice c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) How Cryptography is Used in Applications The main drawback of public key cryptography is the inherent

More information

Cloud Computing Security Considerations

Cloud Computing Security Considerations Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

More information

Encryption-based 2FA for Server-side Qualified Signature Creation

Encryption-based 2FA for Server-side Qualified Signature Creation S C I E N C E P A S S I O N T E C H N O L O G Y Encryption-based 2FA for Server-side Qualified Signature Creation Christof Rath, christof.rath@iaik.tugraz.at Institute for Applied Information Processing

More information

MUSA: Multicloud Secure Applications

MUSA: Multicloud Secure Applications MUSA: Multicloud Secure Applications Massimiliano Rak, CerICT/Second University of Naples Dissemination Leader 1 Project Consortium Fundación Tecnalia Research & Innovation (TECNALIA, Spain) Centro Regionale

More information

23.9.2015. Kangas Cybersecurity strategy

23.9.2015. Kangas Cybersecurity strategy Kangas Cybersecurity strategy Vision of Kangas Smart Kangas Life and living at Kangas is convenient, easy and safe. Kangas is resource-wise and it is attractive place of work. Security and safety measures

More information

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS Shirley Radack, Editor Computer Security Division Information

More information

Next Generation Modeling and Simulation Engineering using Cloud Computing

Next Generation Modeling and Simulation Engineering using Cloud Computing National Aeronautics and Space Administration GODDARD SPACE FLIGHT CENTER Next Generation Modeling and Simulation Engineering using Cloud Computing A presentation of use cases and possible benefits to

More information

egovernment 2020 new media and technologies for better citizenship oriented communication and applications

egovernment 2020 new media and technologies for better citizenship oriented communication and applications egovernment 2020 new media and technologies for better citizenship oriented communication and applications Christian Rupp, Austrian Federal Chancellery Federal Republic of Austria Area: 83 879 km² - Population:

More information